diff --git a/backend/open_webui/env.py b/backend/open_webui/env.py index d49a79b3b1..a880cae45f 100644 --- a/backend/open_webui/env.py +++ b/backend/open_webui/env.py @@ -364,6 +364,11 @@ if DATABASE_USER_ACTIVE_STATUS_UPDATE_INTERVAL is not None: except Exception: DATABASE_USER_ACTIVE_STATUS_UPDATE_INTERVAL = 0.0 +# Enable public visibility of active user count (when disabled, only admins can see it) +ENABLE_PUBLIC_ACTIVE_USERS_COUNT = ( + os.environ.get("ENABLE_PUBLIC_ACTIVE_USERS_COUNT", "True").lower() == "true" +) + RESET_CONFIG_ON_START = ( os.environ.get("RESET_CONFIG_ON_START", "False").lower() == "true" ) diff --git a/backend/open_webui/main.py b/backend/open_webui/main.py index d8e937a567..28e3dbcc8e 100644 --- a/backend/open_webui/main.py +++ b/backend/open_webui/main.py @@ -473,6 +473,7 @@ from open_webui.env import ( EXTERNAL_PWA_MANIFEST_URL, AIOHTTP_CLIENT_SESSION_SSL, ENABLE_STAR_SESSIONS_MIDDLEWARE, + ENABLE_PUBLIC_ACTIVE_USERS_COUNT, ) @@ -1848,6 +1849,7 @@ async def get_app_config(request: Request): "enable_login_form": app.state.config.ENABLE_LOGIN_FORM, "enable_websocket": ENABLE_WEBSOCKET_SUPPORT, "enable_version_update_check": ENABLE_VERSION_UPDATE_CHECK, + "enable_public_active_users_count": ENABLE_PUBLIC_ACTIVE_USERS_COUNT, **( { "enable_direct_connections": app.state.config.ENABLE_DIRECT_CONNECTIONS, @@ -2024,10 +2026,19 @@ async def get_current_usage(user=Depends(get_verified_user)): This is an experimental endpoint and subject to change. """ try: + # If public visibility is disabled, only allow admins to access this endpoint + if not ENABLE_PUBLIC_ACTIVE_USERS_COUNT and user.role != "admin": + raise HTTPException( + status_code=status.HTTP_403_FORBIDDEN, + detail="Access denied. Only administrators can view usage statistics.", + ) + return { "model_ids": get_models_in_use(), "user_count": Users.get_active_user_count(), } + except HTTPException: + raise except Exception as e: log.error(f"Error getting usage statistics: {e}") raise HTTPException(status_code=500, detail="Internal Server Error") diff --git a/src/lib/components/layout/Sidebar/UserMenu.svelte b/src/lib/components/layout/Sidebar/UserMenu.svelte index 746834933d..aca72cf39d 100644 --- a/src/lib/components/layout/Sidebar/UserMenu.svelte +++ b/src/lib/components/layout/Sidebar/UserMenu.svelte @@ -9,7 +9,7 @@ import { getUsage } from '$lib/apis'; import { getSessionUser, userSignOut } from '$lib/apis/auths'; - import { showSettings, mobile, showSidebar, showShortcuts, user } from '$lib/stores'; + import { showSettings, mobile, showSidebar, showShortcuts, user, config } from '$lib/stores'; import { WEBUI_API_BASE_URL } from '$lib/constants'; @@ -59,9 +59,14 @@ } }; - $: if (show) { - getUsageInfo(); - } + const handleDropdownChange = (state: boolean) => { + dispatch('change', state); + + // Fetch usage info when dropdown opens, if user has permission + if (state && ($config?.features?.enable_public_active_users_count || role === 'admin')) { + getUsageInfo(); + } + }; @@ -75,9 +80,7 @@ { - dispatch('change', state); - }} + onOpenChange={handleDropdownChange} > @@ -352,7 +355,7 @@
{$i18n.t('Sign Out')}
- {#if showActiveUsers && usage} + {#if showActiveUsers && ($config?.features?.enable_public_active_users_count || role === 'admin') && usage} {#if usage?.user_count}
@@ -364,7 +367,9 @@
{ - getUsageInfo(); + if ($config?.features?.enable_public_active_users_count || role === 'admin') { + getUsageInfo(); + } }} >